Desktop Security Policy

Purpose

The purpose of this policy is to secure CoB computers and the UNT network thereby reducing the risk of external and internal security attacks and the liability associated with the use of unlicensed software.

Desktop Security Policy

The policy identifies two types of computer users: those users who cannot self install software to their machines and those users who can install software.

Users will be encouraged to consult with the CoB Business Information Technology Services with regard to security and compatibility issues associated with any non-standard software they install.

Default CoB Policy - Users cannot self install software

The G. Brint Ryan College of Business standard Windows 10 software image will be "secured." The term "secured" means that users will be able to perform the usual tasks on their machines such as starting programs, opening and saving files, and most personal customizations of desktop preferences. However, users will not be able to install any software on their systems.

When individuals require software packages that are not in the standard image, the CoB Computing Center's Technical Support Team will perform a short review of the computer safety, licensing, and business necessity issues and assist in the installation of those packages that pass the review. If a disagreement occurs on this review, users can appeal to the CoB Director of Information and Learning Technologies. If the Director, after consultation with the user and CoB Technical Support, authorizes the use of the software, CoB Technical Support will assist with the installation.

This policy decreases the risks of "hacker" attacks via software with Internet connections, i.e. instant messenger programs, peer-to-peer programs and virus attacks, since the programs will not have the ability to modify the machine's environment.

Administrative CoB Users - Have complete access to computers

For those faculty and staff whose research, teaching, or job duties involve the installation of software or other changes to their desktop systems, a waiver to this policy can be secured by obtaining permission from the CoB Director of Information and Learning Technologies. Once users have obtained the waiver, they will be granted complete administrative access to their machine.

Importance of Security

While the Internet has transformed and greatly improved many people's lives, this vast network and its associated technologies have opened the door to an increasing number of security threats. The consequences of attacks can range from the mildly inconvenient to the completely debilitating. Important data can be lost, privacy can be violated, and your computer can even be used by a hacker to attack other computers on campus or across the Internet.

Threats to Data

As with any type of crime, threats to the privacy and integrity of data come from a small minority. However, while a car thief can steal only one car at a time, a hacker working from a single computer can generate damage to a large number of computer networks that can wreak havoc on our campus, and even country's, information infrastructure. Whether you want to secure a car, a home, a campus, or a nation, a general knowledge of security threats and how to protect yourself is essential.

Viruses
Viruses are the most widely known security threat because they often garner extensive press coverage. Viruses are computer programs that are designed to replicate themselves and infect computers when triggered by a specific event. For example, viruses called macro viruses attach themselves to files that contain macro instructions (routines that can be repeated automatically, such as sending email) and are then activated every time the macro runs. The effects of some viruses are relatively benign and cause annoying interruptions such as displaying a comical message when striking a certain letter on the keyboard. Other viruses are more destructive and cause such problems as deleting files from a hard drive or slowing down a system. A computer can be infected with a virus only if the virus enters through an outside source - most often an attachment to an email or a file downloaded from the Internet. When one computer on a network becomes infected, the other computers on the network - or for that matter other computers on the Internet - are highly susceptible to contracting the virus.

Trojan Horse Programs
Trojan horse programs, or Trojans, are delivery vehicles for destructive computer code. Trojans appear to be harmless or useful software programs, such as computer games, but are actually enemies in disguise. Trojans can delete data, mail copies of themselves to e-mail address lists and open up computers to unauthorized access from the Internet. Trojans can be contracted only by copying the Trojan horse program to a computer, downloading from the Internet or opening an email attachment.

Vandals
Web sites have come alive through the development of such software applications as ActiveX and Java Applets. These applications enable animation and other special effects to run, making web sites more attractive and interactive. However, the ease with which these applications can be downloaded and run has provided a new vehicle for inflicting damage. Vandals can take on the form of a software application or applet that causes destruction of various degrees. A vandal can destroy a single file or a major portion of a computer system.

Attacks
Innumerable types of network attacks have been documented and they are commonly classified in three general categories: (1) reconnaissance attacks, (2) access attacks, and (3) denial of service (DoS) attacks.

Reconnaissance attacks are essentially information gathering activities by which hackers collect data that is used to later compromise networks. Usually, software tools, such as sniffers and scanners, are used to map out and exploit potential weaknesses in home computers, web servers and applications.

Access attacks are conducted to gain entry to e-mail accounts, databases and other confidential information.

DoS attacks prevent access to all or part of a computer system. Sending large amounts of jumbled or other unmanageable data to a machine that is connected to the Internet, blocking legitimate traffic from getting through, usually achieves them. Even more malicious is a Distributed Denial of Service attack (DDoS) in which the attacker compromises multiple machines or hosts and uses them to attack other computers.

Data Interception
Data transmitted via any type of network can be subject to interception by unauthorized parties. The intercepting perpetrators might eavesdrop on communications or even alter the data packets being transmitted. Perpetrators can use various methods to intercept data. IP spoofing, for example, entails posing as an authorized party in the data transmission by using the Internet Protocol (IP) address of one of the data recipients.